wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-04-24 02:01:46 +02:00
Code Issues Projects Releases Wiki Activity
706 commits 5 branches 2 tags 10 MiB
Commit graph

250 commits

Author SHA1 Message Date
Douglas Gastonguay-Goddard
7eb4fc5f22 DigitalOcean - Add cleanup step for SSH key (#784) 
* Add cleanup step for SSH key.

* Two space tabs are hard to see.
 2018-01-19 20:06:15 -05:00
Jack Ivanov
a844870b7a Sendmail should not be installed (#738) 2017-11-22 09:15:43 -05:00
Marcelo Elizeche Landó
07a1c70bf4 Update adblock.sh for systemd to fix issue #735 (#736) 
* Update script to restart the dnsmasq service using systemctl(systemd) command instead of service(Upstart)

* Use  instead of legacy  REF: https://github.com/koalaman/shellcheck/wiki/SC2006

* Replace non-standard egrep(deprecated) for grep -E. REF: https://github.com/koalaman/shellcheck/wiki/SC2196
 2017-11-21 00:50:05 -05:00
Jack Ivanov
f18c1a0d67 Certificate revocation fix (#719) 2017-11-12 17:09:57 -05:00
Jack Ivanov
b64f682bae remove the dead code. Fixes #671 2017-11-08 18:22:58 +03:00
Jurgen Verhasselt
185c0f51d7 correct configs_prefix vars in client tasks (#712) 2017-11-04 07:16:29 +01:00
Julie Bernosky
dc4dff040e Add StrongSwan log level config option to ipsec.conf template (#700) 2017-10-19 16:06:43 +02:00
Jack Ivanov
3c55cd15a4 GCE. replace underscores (#698) 2017-10-18 16:23:57 -04:00
Jack Ivanov
ee7264f26e Ask users to enter the p12 password manually (#697) 2017-10-18 16:15:39 -04:00
Jack Ivanov
6b803e069f LibreSSL fix #625 (#685) 2017-10-01 16:40:08 -04:00
Jack Ivanov
8da53f859b Some browsers (eg. Safari) stop loading pages if the element with ads can't be loaded (#633) 2017-07-23 14:23:57 -04:00
Samuel Horwitz
0607e968d7 Update main.yml (#621) 2017-07-12 08:36:43 +02:00
Jack Ivanov
0bb9279094 bug in the gce_net module #616 (#620) 2017-07-09 10:32:06 -04:00
Jack Ivanov
78bd5b017c client fixes (#605) 2017-06-21 13:39:54 -04:00
Jack Ivanov
9d8e39f63d Move back to the Xenial repo (#606) 2017-06-21 13:39:29 -04:00
Jack Ivanov
f0283856ad fix revocation (#586) 2017-06-06 12:42:23 +02:00
Jack Ivanov
a8ebb16437 Enable timeouts. Fixes #581 2017-06-05 17:33:03 +02:00
Jack Ivanov
26c202ded5 Generate p12 each deployment. Generate ps1 scripts if windows supported. Define become for all the section. (#580) 2017-06-04 12:18:55 -04:00
Jack Ivanov
ba7859ba5f Revoke non-existing users fix 2017-06-04 11:30:55 +02:00
Jack Ivanov
0131505195 Enhance PS1 script (#510) 
update docs

Update README.md

update readme
 2017-05-23 11:31:53 -04:00
Jack Ivanov
e6c8f19d3c Create a VPC network for each instane (#561) 2017-05-23 11:30:57 -04:00
Jack Ivanov
ee6db37428 Change the P12 and SSH passwords only for new users (#550) 2017-05-21 22:28:18 -04:00
Jack Ivanov
40e0363b18 Add html helper for Android (#554) 
* add html helper #280

move to the new local schema

fix a typo

* Update client-android.md
 2017-05-21 22:27:53 -04:00
Ruben Jongejan
e9e6c6e383 cleaner syntax for local actions (#536) 
* refactored local actions to cleaner syntax

* openssl commands folded

* removed unnecessary local_action's
 2017-05-17 02:30:04 -04:00
Rod Vagg
75d64ac018 Make DNS blocklist URLs configurable (#548) 2017-05-15 12:39:34 +02:00
tetov
ac6db06a19 grammar edit (#540) 
* grammar edit

* Update openssl.yml
 2017-05-10 10:06:19 -04:00
Jack Ivanov
58d5a06e87 delete tasks and move to roles (#519) 2017-05-08 16:34:45 -04:00
Ruben Jongejan
07ddb5863b improved readability with native yaml (#530) 2017-05-08 16:34:24 -04:00
Jack Ivanov
97369c303a define local_dns if dns tag used (#533) 2017-05-08 16:33:30 -04:00
Jack Ivanov
0031d2809e Disable the Signature Algorithm check and add default vars. Fixes #525 2017-05-08 21:40:38 +02:00
Christopher J. Pilkington
a225bde2b8 Specify EIP domain (#521) 2017-05-06 09:16:28 -04:00
Jack Ivanov
6f170982aa move to Elastic IP (#512) 2017-05-04 08:33:31 -04:00
Jack Ivanov
9f698fdd68 Get strongswan from the Zesty repo on Xenial (#515) 2017-05-03 16:03:10 -04:00
Jack Ivanov
bd348af9c2 Implementing blocks and additional fail hints #487 (#497) 
change the troubleshooting url
 2017-04-29 10:48:25 -04:00
Jack Ivanov
2f5c050fd2 dpdaction to clear (#498) 2017-04-27 14:47:45 -04:00
Jack Ivanov
0ed68b6c30 Properly configure ICMP restrictions (#492) 2017-04-27 12:47:05 -04:00
Ryan Kasper
0cb43650cb Windows 10 -PfsGroup None --> -PfsGroup ECP256 (#493) 
* Windows 10 -PfsGroup None --> -PfsGroup ECP256

Fixes broken tunnel when rekey (CREATE_CHILD_SA request [ N(REKEY_SA) SA No TSi TSr KE ]) occurs (on my Windows 10 1703 build 15063.138 Creator's Update system this is ~every 57 minutes)

* Update Windows Client PfsGroup Commandline
 2017-04-27 12:46:50 -04:00
Jack Ivanov
540c761d3b Disable RSA in the mobileconfigs. Fixes #486 2017-04-25 23:06:51 +02:00
Jack Ivanov
451394100d Some enhances in the compat ciphers (#464) 
raise the IntegrityCheckMethod to SHA384

Move Windows to ECDSA

Increase IntegrityCheckMethod
 2017-04-23 16:00:37 -04:00
Dan Guido
aac052da46 this option is deprecated (#477) 2017-04-23 09:04:30 -04:00
Jack Ivanov
c3fcfe5d0d Let users choose the distro version #449 (#466) 
Make dpdaction great again

add 1704 to travis

Make EC2 image name more convenient

modify apparmor profile
 2017-04-22 17:06:10 -04:00
Andy Boutte
76cdc69548 CF tested and working for EC2 deployment (#431) 
* AWS CloudFormation #132

* IPv6 EC2 draft

* CF tested and working for EC2 deployment

* IPv6 Implementation, EC2, Cloudformation

* Fixed ipv6 networking

* adding ip6tables rule for DHCP on AWS
 2017-04-20 18:04:57 -04:00
Jack Ivanov
a7b06058cb remove the proxy role #440 (#457) 
* remove the proxy role #440

* Separate facts. Make roles more independent from each other

move openssl to local tasks

move unneeded tasks
 2017-04-20 18:00:17 -04:00
Dan Guido
0b05ea19bc Windows needs SHA2-256. Closes #453. (#456) 2017-04-20 07:26:46 -04:00
Dan Guido
8173b84ff8 Change uniqueids back to never (#448) 
We need this to allow multiple connections with the same id/certificate
 2017-04-19 09:53:30 +02:00
Dan Guido
b29772f146 prefer ed25519 2017-04-18 02:20:44 -04:00
Dan Guido
f9f7be7b0d Fix a typo from #439 2017-04-18 01:15:07 -04:00
Dan Guido
1778cb1f45 disable dpd #430 (#437) 
Closes #430
 2017-04-18 01:12:21 -04:00
Dan Guido
8e5e6d5088 remove extraneous integrity algos from AEAD ciphers (#439) 
In reference to
https://github.com/trailofbits/algo/issues/9#issuecomment-294370560
 2017-04-18 01:11:56 -04:00
Jauder Ho
5b2e13d18f Only enable ChaCha cipher (#412) 
* Only enable ChaCha cipher

* Add back a few ciphers for compatability
 2017-04-17 23:17:40 -04:00